--- - branch: MAIN date: Fri Nov 18 21:42:45 UTC 2011 files: - new: '1.15' old: '1.14' path: pkgsrc/security/opendnssec/Makefile pathrev: pkgsrc/security/opendnssec/Makefile@1.15 type: modified - new: '1.10' old: '1.9' path: pkgsrc/security/opendnssec/distinfo pathrev: pkgsrc/security/opendnssec/distinfo@1.10 type: modified id: 20111118T214245Z.7f6c340691fc762261de1cf65425a1d4b650aa3d log: | OpenDNSSEC 1.3.3 Bugfixes: * Auditor: Handle ruby 1.9 differences in ods-kaspcheck. * Auditor: Require dnsruby 1.53 for bugfixes. * Bugfix #262: Drudgers seem to be in a waiting state, but the RRset FIFO queue is full. Do an additional broadcast. * Enforcer: Check HSM connection when waking up from sleep, attempt to reconnect if it is not valid. (r5511 in trunk, ported into the branch due to issues seen when CKR_DEVICE_ERROR returned by HSM.) * libhsm: Added hsm_check_context() to check if the associated sessions are still alive. (Required for the above.) * ods-ksmutil: key import was not setting the retire time. * Signer Engine: Fix a threading issue, that could leave a zone without a task. * Signer Engine: Update the signed zone file if only the $TTL or explicit TTL has been changed. * Signer Engine: Remove the NSEC3PARAM RR when doing NSEC3 to NSEC rollover. * Signer Engine: Deal with carriage returns (dos format) in zone file. * Signer Engine: is PT0S means that refresh equals signtime. * Signer Engine: Defense in depth in signer for duplicate keys. * Signer Engine: Make sure that all required zonelist elements exist, otherwise error. * Signer Engine: Warn the user if the serial is b0rk, and you can not use the serial from the signconf. * Signer Engine: Log Auditor exit code. * Fix a similar bug like #257: Error in ods-signerd, where a corrupted backup file results in an invalid pointer free(). module: pkgsrc subject: 'CVS commit: pkgsrc/security/opendnssec' unixtime: '1321652565' user: pettai